Full Cybersecurity Mastery Diploma

Program CyberSecurity

🎓 Start Your Cybersecurity Journey

Master the mindset of attackers, defenders, and Purple Team operators while building the technical expertise required for today's most in-demand cybersecurity careers. 🚀

About this Diploma

Whether your goal is offensive security, defensive security, or becoming a well-rounded cybersecurity professional, this diploma provides the practical skills, methodologies, and real-world experience needed to succeed in modern cybersecurity environments.

Curriculum

21 sections

PHASE 1
🔹 Information Security Overview
🔹 CIA Triad
🔹 Ethical Hacking Concepts
🔹 Threat Actors & Attack Types
🔹 Security Controls
🔹 Laws & Regulations
🔹 Security Standards & Frameworks
🔹 Penetration Testing Methodologies
🔹 Pentest Lifecycle
🔹 Rules of Engagement & Scope
🔹 Assessment Methodologies
🔹 Active vs Passive Approaches
🔹 Learning Methodologies
🔹 Documentation & Reporting

🎯 Tasks

📄 Analyze a Sample Security Assessment Report

📝 Write an Executive Summary for a Security Finding

📸 Build Professional Evidence Documentation with Screenshots

🚀 Project

🛡️ Create a Complete Penetration Testing Report
• Executive Summary
• Scope Definition
• Findings
• Risk Assessment
• Recommendations
• Technical Evidence

PHASE 2
🔹 Open Source Intelligence (OSINT)
🔹 Public Information Sources
🔹 WHOIS Enumeration
🔹 Passive DNS Analysis
🔹 Search Engine Footprinting
🔹 Social Media Footprinting
🔹 Email Footprinting
🔹 Website Footprinting
🔹 Netcat Fundamentals
🔹 Nmap Fundamentals
🔹 DNS Enumeration
🔹 SMB Enumeration
🔹 SMTP Enumeration
🔹 SNMP Enumeration
🔹 Living off the Land Techniques

🎯 Tasks

🔎 Perform OSINT Investigation on a Sample Target

🌐 Gather Domain & DNS Information using WHOIS and Passive DNS

📡 Discover Hosts and Services using Nmap

🚀 Project

🛡️ Complete Reconnaissance Assessment
• Target Profiling
• OSINT Collection
• DNS Enumeration
• Service Discovery
• Attack Surface Documentation
• Professional Reconnaissance Report

PHASE 3
🔹 Vulnerability Assessment Fundamentals
🔹 Vulnerability Types & Categories
🔹 Nessus Security Scanner
🔹 OpenVAS Security Scanner
🔹 Nmap NSE Scripts
🔹 CVE Database
🔹 CVSS Scoring System
🔹 Risk Assessment
🔹 Impact Analysis

🎯 Tasks

🔎 Perform Vulnerability Scan using Nessus

🛡️ Perform Vulnerability Scan using OpenVAS

📡 Discover Vulnerabilities using Nmap NSE Scripts

📊 Analyze CVE Entries and Calculate Risk Severity

🚀 Project

🏆 Comprehensive Vulnerability Assessment Report
• Asset Discovery
• Vulnerability Scanning
• CVE Analysis
• CVSS Scoring
• Risk Prioritization
• Remediation Recommendations
• Executive Summary
• Technical Report

PHASE 4
🔹 Web Application Assessment Methodology
🔹 OWASP Top 10
🔹 Burp Suite
🔹 Web Proxies
🔹 Headers Analysis
🔹 Cookies Analysis
🔹 Source Code Review
🔹 API Testing
🔹 Web Server Enumeration
🔹 Web Server Misconfigurations
🔹 Web Shells
🔹 SQL Injection
🔹 SQLMap
🔹 Cross-Site Scripting (XSS)
🔹 Directory Traversal
🔹 Local File Inclusion (LFI)
🔹 Remote File Inclusion (RFI)
🔹 File Upload Vulnerabilities
🔹 Command Injection

🎯 Tasks

🔍 Perform Web Application Enumeration using Burp Suite

🌐 Analyze Headers, Cookies & Source Code

🗄️ Identify SQL Injection Vulnerabilities in a Lab Environment

⚡ Analyze XSS Vulnerabilities and Their Impact

📂 Assess File Handling & Path Traversal Risks

📤 Review File Upload Security Controls

🚀 Project

🏆 Complete Web Application Security Assessment
• Web Application Reconnaissance
• Attack Surface Mapping
• OWASP Top 10 Review
• Vulnerability Identification
• Risk Assessment
• Evidence Collection
• Remediation Recommendations
• Professional Security Report

PHASE 5
🔹 Post-Exploitation Lifecycle
🔹 Gaining Access Concepts
🔹 System & Host-Based Attacks
🔹 Application Execution & Persistence Concepts
🔹 Exploit Reliability & Risk Management
🔹 Exploit-DB
🔹 SearchSploit
🔹 Nmap NSE Scripts
🔹 Google Dorking for Research
🔹 Target Exploitation Methodology
🔹 Buffer Overflow Fundamentals
🔹 Cross-Compiling
🔹 Memory Corruption Exploits
🔹 Web Exploit Analysis
🔹 Metasploit Framework
🔹 msfconsole
🔹 Auxiliary Modules
🔹 Exploit Modules
🔹 Payload Concepts
🔹 Meterpreter
🔹 msfvenom
🔹 Resource Scripts
🔹 Authentication Attacks
🔹 Wordlists Fundamentals
🔹 NTLM & Net-NTLMv2
🔹 Hydra
🔹 Hashcat
🔹 John the Ripper
🔹 Cryptography Fundamentals
🔹 Symmetric Encryption
🔹 Asymmetric Encryption
🔹 Hashing
🔹 PKI
🔹 Cryptanalysis
🔹 Cryptographic Attacks

🎯 Tasks
🔎 Research Public Vulnerabilities using Exploit-DB & SearchSploit
🛠️ Explore Metasploit Framework Components
🔐 Analyze Authentication & Password Security Mechanisms
📊 Compare Hashing & Encryption Technologies

🚀 Project

🏆 Exploitation & Access Assessment Report
• Vulnerability Research
• Exploit Analysis
• Authentication Security Review
• Cryptography Assessment
• Risk Analysis
• Technical Findings
• Security Recommendations
• Professional Report

PHASE 6
🔹 Internal Network Attacks
🔹 Man-in-the-Middle (MITM)
🔹 ARP Poisoning
🔹 Packet Capture & Analysis
🔹 Wireshark Fundamentals
🔹 Network Sniffing Techniques
🔹 DHCP Attacks
🔹 MAC-Based Attacks
🔹 Session Hijacking
🔹 Network-Level Session Attacks
🔹 Application-Level Session Attacks
🔹 Network Attack Tools & Techniques
🔹 Denial of Service (DoS) Attacks
🔹 Distributed Denial of Service (DDoS)
🔹 Botnets Fundamentals
🔹 Detection & Protection Mechanisms
🔹 Social Engineering Techniques
🔹 Phishing Campaigns
🔹 Client Fingerprinting
🔹 Target Reconnaissance
🔹 Fingerprinting Techniques
🔹 Microsoft Office Security
🔹 Office Macros
🔹 Windows Library Files

🎯 Tasks
📊 Analyze Network Traffic using Wireshark
🔍 Identify Network Protocols and Security Weaknesses
📧 Analyze Real-World Phishing Scenarios
🛡️ Assess Client-Side Security Risks

🚀 Project

🏆 Network & Social Engineering Security Assessment
• Network Traffic Analysis
• Attack Surface Identification
• Session Security Review
• Social Engineering Assessment
• Risk Analysis
• Security Recommendations
• Professional Security Report

PHASE 7
🔹 Malware Fundamentals
🔹 Trojan Malware
🔹 Computer Viruses
🔹 Worms
🔹 Ransomware
🔹 Malware Analysis
🔹 Advanced Persistent Threats (APT)
🔹 Fileless Malware
🔹 Antivirus (AV) Architecture
🔹 Detection Engines
🔹 Malware Detection Techniques
🔹 AV Evasion Concepts
🔹 Automated Evasion Techniques
🔹 IDS/IPS Evasion Concepts
🔹 Firewall Evasion Concepts
🔹 Honeypots
🔹 Honeynet Detection Concepts

🎯 Tasks
🔍 Analyze Malware Categories and Their Behaviors
🛡️ Compare Antivirus Detection Mechanisms
📊 Identify Indicators of Compromise (IOCs)
🍯 Study Honeypot Deployments and Detection Methods

🚀 Project

🏆 Malware Threat Assessment Report
• Malware Classification
• Threat Analysis
• Detection Mechanisms Review
• Security Control Assessment
• Risk Evaluation
• Incident Indicators
• Security Recommendations
• Professional Technical Report

PHASE 8
🔹 Post-Exploitation Fundamentals
🔹 Situational Awareness
🔹 File Transfer Between Systems
🔹 Data Collection
🔹 Credential Gathering
🔹 Windows Privilege Model
🔹 Windows Access Control Mechanisms
🔹 Service Misconfigurations
🔹 DLL Hijacking Concepts
🔹 Unquoted Service Paths
🔹 Scheduled Tasks
🔹 Access Tokens
🔹 Privilege Abuse Concepts
🔹 Manual Enumeration
🔹 Automated Enumeration
🔹 Credential Harvesting
🔹 System & User Data Analysis
🔹 Linux Privilege Escalation Concepts
🔹 Cron Jobs
🔹 Misconfigured Permissions
🔹 SUID Binaries
🔹 Linux Capabilities
🔹 sudo Misconfigurations
🔹 Kernel Exploitation Concepts

🎯 Tasks
🔍 Perform Manual System Enumeration
⚙️ Review Windows & Linux Security Configurations
🔑 Analyze Credential Storage Mechanisms
📊 Identify Privilege Escalation Risk Factors

🚀 Project

🏆 Post-Exploitation Security Assessment
• System Enumeration
• Privilege Analysis
• Credential Security Review
• Windows Security Assessment
• Linux Security Assessment
• Risk Evaluation
• Security Recommendations
• Professional Technical Report

PHASE 9
🔹 Pivoting Fundamentals
🔹 Network Segmentation
🔹 Internal Network Traversal
🔹 Port Forwarding Concepts
🔹 Socat Fundamentals
🔹 SSH Tunneling
🔹 Local Port Forwarding
🔹 Dynamic Port Forwarding
🔹 Remote Port Forwarding
🔹 Windows Port Forwarding
🔹 Plink
🔹 Netsh Port Proxy
🔹 HTTP Tunneling Concepts
🔹 Chisel Fundamentals
🔹 DNS Tunneling Concepts
🔹 dnscat Overview
🔹 Deep Packet Inspection (DPI)
🔹 Traffic Inspection Mechanisms
🔹 Network Evasion Concepts

🎯 Tasks
🌐 Analyze Network Segmentation Scenarios
🔍 Compare Different Port Forwarding Approaches
📊 Study HTTP & DNS Communication Channels
🛡️ Review DPI Detection and Monitoring Mechanisms

🚀 Project

🏆 Network Pivoting & Traffic Analysis Assessment
• Network Architecture Review
• Segmentation Analysis
• Traffic Flow Mapping
• Tunneling Technology Assessment
• Detection Opportunities
• Security Recommendations
• Risk Evaluation
• Professional Technical Report

PHASE 10
🔹 Active Directory Fundamentals
🔹 Manual Enumeration
🔹 PowerShell Enumeration
🔹 .NET Enumeration
🔹 SPN Enumeration
🔹 Object Permissions Analysis
🔹 Shared Resources Enumeration
🔹 SharpHound
🔹 BloodHound
🔹 NTLM Authentication
🔹 Kerberos Authentication
🔹 Stored Credentials
🔹 Active Directory Password Attacks
🔹 Kerberoasting
🔹 AS-REP Roasting
🔹 Kerberos Ticket Security
🔹 Domain Controller Trust Model
🔹 Lateral Movement Concepts
🔹 WMI
🔹 WinRM
🔹 PsExec
🔹 DCOM
🔹 Pass-the-Hash
🔹 Overpass-the-Hash
🔹 Persistence Concepts
🔹 Golden Ticket Concepts
🔹 Shadow Copies

🎯 Tasks
🔍 Enumerate Active Directory Objects & Permissions
📊 Analyze AD Relationships using BloodHound
🔐 Review NTLM & Kerberos Authentication Flows
🛡️ Assess Credential Security within Active Directory

🚀 Project

🏆 Active Directory Security Assessment
• Active Directory Enumeration
• Authentication Review
• Privilege Mapping
• Attack Path Analysis
• Credential Security Assessment
• Risk Evaluation
• Security Recommendations
• Professional Technical Report

PHASE 11
🔹 External Network Reconnaissance
🔹 Initial Access Techniques
🔹 Attack Chain Methodology
🔹 Web → Internal → Active Directory → Domain Controller Flow
🔹 Phishing for Initial Compromise
🔹 Kerberoasting in Real Scenarios
🔹 NTLM Relay Attacks
🔹 Privilege Escalation to Domain Admin
🔹 Full Box Methodology
🔹 Time Management in Pentesting Exams
🔹 Dependency Chains in Attacks
🔹 Decoy Machines & Misleading Paths
🔹 Try Harder Mindset
🔹 Final Assessment Simulation

🎯 Tasks

🧪 Perform a Full Simulated Penetration Test (End-to-End)
🌐 Start from External Recon and Reach Internal Network
🏢 Achieve Domain Controller Compromise in Lab Scenario
📊 Document Full Attack Chain with Evidence

🚀 Final Project

🏆 Complete Realistic Enterprise Penetration Test
• External Reconnaissance
• Initial Access (Web / Phishing / Exploit)
• Internal Network Pivoting
• Active Directory Exploitation
• Privilege Escalation to Domain Admin
• Full Documentation
• Executive Report
• Technical Report
• Defense Recommendations

PHASE 12
🔹 Blue Team Fundamentals
🔹 Red Team vs Blue Team
🔹 Purple Team Concept
🔹 Defensive Security Principles
🔹 SOC Architecture
🔹 SOC Roles & Responsibilities
🔹 L1 Analyst
🔹 L2 Analyst
🔹 L3 Analyst / Threat Hunter
🔹 SOC Manager
🔹 CIRT Team
🔹 Analyst Mindset
🔹 Alert Triage
🔹 Incident Classification
🔹 Escalation Process
🔹 Investigation Methodology
🔹 The 5 Ws Framework

🎯 Tasks
🛡️ Complete Defensive Security Introduction Lab
🏢 Explore SOC Structure & Team Responsibilities
🚨 Perform Alert Triage Scenarios
📝 Investigate Security Alerts Using the 5 Ws Methodology

🚀 Practical Labs

🧪 LAB 01 – Defensive Security Introduction
• SOC Fundamentals
• DFIR Basics
• Threat Intelligence
• SIEM Overview

🧪 LAB 02 – SOC Fundamentals
• People
• Process
• Technology
• SOC Operations

🧪 LAB 03 – Junior Security Analyst
• Analyst Workflow
• Alert Handling
• Incident Escalation

🧪 LAB 04 – SOC Alert Triage
• Alert Classification
• True vs False Positives
• Reporting & Documentation

🏆 Final Exercise
• Analyze Multiple Security Alerts
• Classify Incidents Correctly
• Escalate Critical Findings
• Create a Professional Incident Report

PHASE 13
🔹 Network Traffic Fundamentals
🔹 Packets & Protocols
🔹 Traffic Baselines
🔹 Normal vs Anomalous Traffic
🔹 Network Monitoring
🔹 Wireshark Fundamentals
🔹 PCAP Analysis
🔹 Display Filters
🔹 Stream Analysis
🔹 Traffic Statistics
🔹 Zeek (Bro)
🔹 Network Security Monitoring
🔹 Snort IDS/IPS
🔹 Detection Rules
🔹 Alert Analysis
🔹 Signature-Based Detection

🎯 Tasks
📊 Analyze Network Traffic Captures (PCAP Files)
🦈 Investigate Suspicious Activity using Wireshark
📡 Establish a Normal Traffic Baseline
🚨 Review and Analyze IDS Alerts

🚀 Practical Labs
🧪 LAB 05 – Traffic Analysis Essentials
• Network Fundamentals
• Protocol Analysis
• Traffic Monitoring

🧪 LAB 06 – Wireshark Basics
• Packet Capture
• Filtering Techniques
• PCAP Analysis

🧪 LAB 07 – Wireshark Packet Operations
• Stream Analysis
• Statistics
• Advanced Investigation

🧪 LAB 08 – Zeek Basics
• Network Monitoring
• Log Analysis
• Security Visibility

🧪 LAB 09 – Snort Fundamentals
• IDS/IPS Concepts
• Rule Analysis
• Alert Investigation

🏆 Final Exercise
• Analyze a Suspicious PCAP File
• Identify Network Anomalies
• Investigate Security Alerts
• Document Findings
• Create a Professional Network Analysis Report

PHASE 14
🔹 Windows Event Logs
🔹 Event Viewer
🔹 Security Event Analysis
🔹 Authentication Events
🔹 Process Creation Events
🔹 Persistence Indicators
🔹 User Account Monitoring
🔹 Service Installation Monitoring
🔹 Endpoint Security Fundamentals
🔹 Windows Core Processes
🔹 Sysmon Fundamentals
🔹 Process Monitoring
🔹 Network Connection Monitoring
🔹 File Creation Monitoring
🔹 Registry Monitoring
🔹 DNS Monitoring
🔹 Host-Based Investigation
🔹 Process Analysis
🔹 Linux Forensics Fundamentals

🎯 Tasks

🪟 Investigate Windows Security Logs
🔍 Analyze Authentication Events
⚙️ Identify Suspicious Process Activity
👁️ Review Sysmon Events for Threat Indicators

🚀 Practical Labs

🧪 LAB 10 – Windows Event Logs
• Event Viewer
• Security Logs
• PowerShell Log Analysis

🧪 LAB 11 – Introduction to Endpoint Security
• Core Windows Processes
• Endpoint Monitoring
• Security Investigation

🧪 LAB 12 – Sysmon Fundamentals
• Sysmon Deployment
• Event Collection
• Event Analysis

🏆 Final Exercise
• Analyze a Compromised Endpoint Scenario
• Investigate User & Process Activity
• Correlate Windows Logs & Sysmon Events
• Identify Indicators of Compromise (IOCs)
• Document Findings
• Create a Professional Incident Investigation Report

PHASE 15
🔹 SIEM Fundamentals
🔹 Security Monitoring
🔹 Log Aggregation
🔹 Log Normalization
🔹 Event Correlation
🔹 Alerting & Detection
🔹 Security Dashboards
🔹 Log Sources
🔹 Splunk Fundamentals
🔹 Search Processing Language (SPL)
🔹 Dashboards & Visualizations
🔹 Security Use Cases
🔹 Incident Investigation
🔹 ELK Stack
🔹 Elasticsearch
🔹 Logstash
🔹 Kibana
🔹 KQL (Kibana Query Language)
🔹 Index Patterns
🔹 Data Visualization
🔹 Threat Detection

🎯 Tasks

🧩 Identify and Categorize Log Sources
🔍 Build SPL Queries for Security Investigations
📊 Create Security Dashboards in Splunk
📈 Analyze Security Events using Kibana & KQL

🚀 Practical Labs

🧪 LAB 13 – Introduction to SIEM
• SIEM Concepts
• Log Sources
• Security Monitoring

🧪 LAB 14 – Splunk Basics
• Splunk Navigation
• Search Fundamentals
• SPL Introduction

🧪 LAB 15 – Exploring SPL
• Advanced Searches
• Data Analysis
• Dashboard Creation

🧪 LAB 16 – Investigating with Splunk
• Security Investigation Workflow
• Incident Analysis
• Threat Detection

🧪 LAB 17 – Investigating with ELK
• Kibana Investigation
• KQL Queries
• Log Analysis

🏆 Final Exercise
• Collect & Analyze Security Logs
• Correlate Multiple Events
• Detect Suspicious Activity
• Build Monitoring Dashboards
• Investigate a Security Incident
• Create a Professional SIEM Investigation Report

PHASE 16
🔹 Cyber Threat Intelligence Fundamentals
🔹 CTI Lifecycle
🔹 Indicators of Compromise (IOCs)
🔹 Threat Feeds
🔹 Open-Source Intelligence (OSINT)
🔹 VirusTotal
🔹 Shodan
🔹 URLScan
🔹 Threat Actors
🔹 Tactics, Techniques & Procedures (TTPs)
🔹 Pyramid of Pain
🔹 MITRE ATT&CK Framework
🔹 ATT&CK Matrix
🔹 Tactics & Techniques
🔹 Adversary Groups
🔹 ATT&CK Navigator
🔹 Threat Detection Mapping
🔹 Intelligence-Driven Defense

🎯 Tasks
🔍 Analyze and Enrich Indicators of Compromise (IOCs)
🌐 Investigate Threat Intelligence using OSINT Sources
🛠️ Research Threat Actors and Attack Campaigns
🗺️ Map Security Events to MITRE ATT&CK Techniques

🚀 Practical Labs
🧪 LAB 18 – Cyber Threat Intelligence
• CTI Fundamentals
• Intelligence Lifecycle
• Threat Analysis

🧪 LAB 19 – Threat Intelligence Tools
• VirusTotal
• Shodan
• URLScan
• OSINT Investigations

🧪 LAB 20 – MITRE ATT&CK Framework
• ATT&CK Matrix
• ATT&CK Navigator
• Technique Mapping

🧪 LAB 21 – Pyramid of Pain
• IOC Hierarchy
• Detection Priorities
• Adversary Impact Analysis

🏆 Final Exercise
• Investigate a Realistic Threat Campaign
• Collect & Enrich IOCs
• Profile the Threat Actor
• Map TTPs to MITRE ATT&CK
• Assess Detection Coverage
• Produce a Professional Threat Intelligence Report

PHASE 17
🔹 Digital Forensics Fundamentals
🔹 Incident Response Fundamentals
🔹 Incident Response Lifecycle
🔹 Preparation Phase
🔹 Identification Phase
🔹 Containment Phase
🔹 Eradication Phase
🔹 Recovery Phase
🔹 Lessons Learned
🔹 Windows Forensics
🔹 Registry Analysis
🔹 Prefetch Analysis
🔹 LNK Files
🔹 Browser History Analysis
🔹 NTFS & MFT Artifacts
🔹 Digital Evidence Collection
🔹 Memory Forensics
🔹 Volatility Framework
🔹 Process Analysis
🔹 Hidden Process Detection
🔹 Network Connection Analysis
🔹 Malware Investigation
🔹 Fileless Malware Detection

🎯 Tasks
🚔 Analyze an Incident Using the IR Lifecycle
🪟 Investigate Windows Artifacts & User Activity
🧠 Examine Memory Dumps with Volatility
🔍 Identify Malware Indicators & Suspicious Processes

🚀 Practical Labs
🧪 LAB 22 – Introduction to Digital Forensics
• Digital Evidence
• Investigation Fundamentals
• Forensic Methodology

🧪 LAB 23 – Incident Response Process
• IR Lifecycle
• Incident Handling
• Response Workflow

🧪 LAB 24 – Windows Forensics 1
• Registry Analysis
• Windows Artifacts
• Evidence Collection

🧪 LAB 25 – Windows Forensics 2
• Browser Forensics
• File Analysis
• User Activity Investigation

🧪 LAB 26 – Volatility Essentials
• Memory Analysis
• Process Investigation
• Malware Detection

🏆 Final Exercise
• Respond to a Simulated Security Incident
• Collect & Preserve Digital Evidence
• Analyze Windows Artifacts
• Investigate Memory Dumps
• Identify Root Cause & Attack Timeline
• Create a Professional DFIR Investigation Report
• Provide Containment & Remediation Recommendations

PHASE 18
🔹 Malware Analysis Fundamentals
🔹 Static Analysis
🔹 Dynamic Analysis
🔹 Malware Classification
🔹 Indicators of Compromise (IOCs)
🔹 File Hashing
🔹 Strings Analysis
🔹 PE Header Analysis
🔹 Metadata Inspection
🔹 Dependency Analysis
🔹 VirusTotal
🔹 Sandbox Analysis
🔹 Process Monitoring
🔹 Registry Monitoring
🔹 Network Monitoring
🔹 Process Monitor (ProcMon)
🔹 Regshot
🔹 Wireshark
🔹 Any.Run
🔹 Cuckoo Sandbox

🎯 Tasks

🔍 Perform Static Analysis on Suspicious Samples
📋 Extract Indicators of Compromise (IOCs)
⚡ Observe Malware Behavior in a Sandbox Environment
🌐 Analyze Network Activity Generated by Malware

🚀 Practical Labs

🧪 LAB 27 – Basic Malware Analysis
• Static Analysis
• Hash Analysis
• IOC Extraction
• Initial Investigation

🧪 LAB 28 – Malware Classification
• Malware Types
• Classification Techniques
• Behavioral Analysis
• Threat Identification

🏆 Final Exercise
• Analyze a Suspicious Malware Sample
• Extract File & Network IOCs
• Classify Malware Behavior
• Investigate Registry & Process Activity
• Document Findings
• Produce a Professional Malware Analysis Report

PHASE 19
🔹 Threat Hunting Fundamentals
🔹 Threat Hunting Methodology
🔹 Hypothesis-Based Hunting
🔹 Data Collection
🔹 Investigation Techniques
🔹 Threat Analysis
🔹 Detection Improvement
🔹 Security Data Sources
🔹 Endpoint Logs
🔹 Sysmon Events
🔹 SIEM Data
🔹 Network Traffic Analysis
🔹 Living off the Land Techniques
🔹 PowerShell Abuse Detection
🔹 YARA Rules
🔹 Malware Detection
🔹 IOC-Based Detection
🔹 Sigma Rules
🔹 Detection Engineering
🔹 SIEM Rule Conversion
🔹 Generic Detection Logic

🎯 Tasks

🎣 Create Threat Hunting Hypotheses
🔍 Hunt for Suspicious PowerShell Activity
🦠 Develop YARA Rules for Malware Detection
📝 Create Sigma Rules for Security Monitoring

🚀 Practical Labs

🧪 LAB 29 – Introduction to Threat Hunting
• Hunting Methodology
• Threat Hypotheses
• Investigation Workflow

🧪 LAB 30 – YARA
• Rule Creation
• Malware Detection
• IOC Identification

🧪 LAB 31 – Sigma
• Sigma Rule Development
• Detection Engineering
• SIEM Rule Conversion

🏆 Final Exercise
• Develop a Threat Hunting Scenario
• Create Investigation Hypotheses
• Hunt for Suspicious Activity Across Logs
• Build YARA Detection Rules
• Create Sigma Detection Rules
• Validate Detection Coverage
• Produce a Professional Threat Hunting Report

PHASE 20
🔹 Advanced Log Analysis
🔹 Log Parsing
🔹 Log Correlation
🔹 Anomaly Detection
🔹 Security Event Investigation
🔹 Phishing Analysis
🔹 Email Header Analysis
🔹 Email Authentication
🔹 URL Analysis
🔹 Attachment Analysis
🔹 IOC Extraction
🔹 SPF
🔹 DKIM
🔹 DMARC
🔹 Linux Forensics
🔹 Linux Log Analysis
🔹 Authentication Logs
🔹 Syslog Analysis
🔹 Apache Log Analysis
🔹 Cron Monitoring

🎯 Tasks
📧 Analyze a Suspicious Phishing Email
🔍 Extract IOCs from Email Headers & Attachments
🐧 Investigate Linux Authentication & System Logs
📊 Identify Anomalous Activity Through Log Analysis

🚀 Practical Labs
🧪 LAB 32 – Phishing Emails in Action
• Email Header Analysis
• IOC Extraction
• Phishing Investigation

🧪 LAB 33 – Phishing Prevention
• SPF
• DKIM
• DMARC
• Email Security Controls

🧪 LAB 34 – Linux Forensics
• Linux Incident Investigation
• Authentication Analysis
• Log Correlation

🧪 LAB 35 – Logs Fundamentals
• Log Analysis Basics
• Event Interpretation
• Security Monitoring

🏆 Final Exercise
• Investigate a Phishing Campaign
• Extract & Enrich IOCs
• Analyze Email Headers & Attachments
• Correlate Security Events Across Logs
• Investigate a Compromised Linux Server
• Build an Incident Timeline
• Produce a Professional Log Analysis & Incident Investigation Report

PHASE 21
🔹 Detection Engineering Fundamentals
🔹 Threat Research
🔹 MITRE ATT&CK Mapping
🔹 Detection Use Cases
🔹 Log Coverage Assessment
🔹 Detection Rule Development
🔹 Sigma Rules
🔹 SIEM Detection Queries
🔹 Detection Validation
🔹 False Positive Tuning
🔹 Detection Gap Analysis
🔹 Detection Lifecycle
🔹 Alert Optimization
🔹 Continuous Monitoring
🔹 Tactical Detection
🔹 SOC Investigations
🔹 Incident Analysis
🔹 Threat Hunting Integration
🔹 DFIR Integration
🔹 Reporting & Documentation
🔹 Capstone Simulations

🚀 Practical Labs

🧪 LAB 36 – Tactical Detection
• Detection Rule Development
• ATT&CK Mapping
• TTP-Based Detection

🧪 LAB 37 – Introduction to Detection Engineering
• Detection Lifecycle
• Rule Design
• Detection Optimization

🧪 LAB 38 – Benign SOC Investigation
• Splunk Investigation
• Alert Validation
• Incident Analysis

🧪 LAB 39 – Conti Ransomware Investigation
• Ransomware Analysis
• Log Correlation
• Incident Timeline Creation

🧪 LAB 40 – Carnage Traffic Analysis
• PCAP Analysis
• Command & Control Detection
• Data Exfiltration Investigation

🧪 LAB 41 – Friday Overtime
• CTI Investigation
• Alert Triage
• Incident Response Workflow

🏆 Final Capstone Project
• Perform Full SOC Investigation
• Analyze Alerts Across SIEM, Endpoint & Network Logs
• Conduct Threat Intelligence Enrichment
• Investigate Malware & Adversary Activity
• Build an Incident Timeline
• Perform Root Cause Analysis
• Create Executive & Technical Reports
• Present Findings & Security Recommendations

What You Will Learn

🎯 What You'll Learn
By joining this diploma, you will gain comprehensive cybersecurity skills covering offensive security, defensive security, threat detection, incident response, and Purple Team operations.

🔴 Red Team Skills

✅ Ethical Hacking & Penetration Testing Methodologies
✅ Information Gathering & OSINT
✅ Network Enumeration & Vulnerability Assessment
✅ Web Application Penetration Testing
✅ OWASP Top 10 Security Risks
✅ SQL Injection, XSS & File Inclusion Attacks
✅ Exploitation & Metasploit Framework
✅ Password Attacks & Credential Security
✅ Windows & Linux Privilege Escalation
✅ Active Directory Attacks
✅ Pivoting & Lateral Movement
✅ Professional Penetration Testing Reporting

🔵 Blue Team Skills

✅ SOC Operations & Security Monitoring
✅ Network Traffic Analysis
✅ Wireshark, Zeek & Snort
✅ Windows Event Logs & Sysmon
✅ SIEM Technologies (Splunk & ELK)
✅ Threat Detection & Alert Triage
✅ Threat Intelligence & MITRE ATT&CK
✅ Digital Forensics & Incident Response
✅ Malware Analysis Fundamentals
✅ Threat Hunting Methodologies
✅ Detection Engineering & Security Analytics

🟣 Purple Team Skills

✅ Adversary Emulation
✅ Detection Validation
✅ Attack & Defense Collaboration
✅ MITRE ATT&CK Mapping
✅ Detection Gap Analysis
✅ Security Control Validation
✅ Threat Simulation Exercises
✅ Continuous Security Improvement

🛠 Practical Projects & Hands-On Labs
Throughout the diploma, students will work on real-world cybersecurity scenarios designed to simulate modern enterprise environments.

Red Team Projects

🔹 Web Application Penetration Testing
🔹 Vulnerability Assessments
🔹 Active Directory Attack Simulations
🔹 Privilege Escalation Labs
🔹 Internal Network Penetration Testing
🔹 Enterprise Attack Chain Exercises

Blue Team Projects

🔹 SOC Alert Investigation
🔹 Network Traffic Analysis
🔹 SIEM Investigations using Splunk & ELK
🔹 Malware Analysis Labs
🔹 Digital Forensics Investigations
🔹 Threat Hunting Scenarios
🔹 Detection Engineering Exercises

Purple Team Projects

🔹 Attack Simulation & Detection Validation
🔹 MITRE ATT&CK Mapping Exercises
🔹 Security Monitoring Improvement Projects
🔹 Detection Gap Analysis
🔹 Threat Emulation Scenarios

🏆 Final Capstone Project

Students will participate in a full cybersecurity engagement where they will:

• Perform Offensive Security Assessments
• Simulate Real-World Cyber Attacks
• Detect & Investigate Security Incidents
• Conduct Threat Hunting Activities
• Analyze Malware & Digital Evidence
• Validate Security Controls
• Improve Detection Capabilities
• Create Professional Technical Reports

🚀 What Will You Achieve After This Diploma?
After successfully completing the diploma, you will be able to:

✅ Conduct professional penetration testing engagements.
✅ Identify, exploit, and assess security vulnerabilities.
✅ Monitor, detect, and investigate cyber threats.
✅ Perform digital forensics and incident response activities.
✅ Analyze malware and attacker behavior.
✅ Build and optimize SIEM detection rules.
✅ Conduct threat hunting operations.
✅ Understand enterprise Active Directory environments.
✅ Simulate attacker techniques and validate defenses.
✅ Collaborate between offensive and defensive security teams.
✅ Produce professional cybersecurity reports.
✅ Build a strong practical cybersecurity portfolio.

💼 Career Opportunities
This diploma prepares you for roles such as:

🔹 Penetration Tester
🔹 Ethical Hacker
🔹 Red Team Operator
🔹 SOC Analyst
🔹 Blue Team Analyst
🔹 Threat Hunter
🔹 Detection Engineer
🔹 Incident Response Analyst
🔹 Digital Forensics Analyst
🔹 Security Consultant
🔹 Cybersecurity Specialist
🔹 Purple Team Operator
🔹 Security Operations Engineer
🔹 Cyber Defense Analyst

Prerequisites

✅ No previous cybersecurity experience is required. The program is structured to take learners from beginner to professional level.

Why Study at MTEC Academy?

Hands-on learning environment built for real careers.

🔹 Certified, professional instructors
🔹 Dedicated training platform
🔹 Ongoing practical tasks
🔹 Multiple branches: study on-site at your nearest branch

Trusted Network

Our Graduates Work At

Companies and organizations where our alumni build their careers.

8 partner organizations:

🔹 Netcrew
🔹 Lexo
🔹 Casha
🔹 American Board
🔹 Hannover
🔹 National Bank of Egypt
🔹 Vodafone
🔹 MotiGragh